Все публикации

CMSTP.exe - remote0:00:25

CMSTP.exe - remote sct execution

xwizard.exe - remote0:00:27

xwizard.exe - remote .sct execution

Powersct0:01:19

Powersct

OneDrive - DLL0:00:51

OneDrive - DLL hijack

MSBuild - PSAttack0:02:15

MSBuild - PSAttack

msiexec.exe - arbitrary0:00:33

msiexec.exe - arbitrary DLL execution

CompatTelRunner.exe DLL Hijack0:00:32

CompatTelRunner.exe DLL Hijack

.cpl - Whitelist0:01:21

.cpl - Whitelist Bypass

COM Hijacking -0:04:18

COM Hijacking - Whitelist Bypass

corgen.exe vs locked-down0:00:36

corgen.exe vs locked-down workstation

coregen.exe - Whitelist0:01:25

coregen.exe - Whitelist Bypass

C2 Server with0:11:29

C2 Server with Docker, Nginx and Metasploit

AppLocker Bypass Techniques0:15:42

AppLocker Bypass Techniques

Phishing with ClickOnce0:05:37

Phishing with ClickOnce

SMB Relay with0:09:59

SMB Relay with Snarf

Exploitation with SMB0:11:20

Exploitation with SMB Relay

Exploitation and Persistence0:12:40

Exploitation and Persistence with Metasploit, Powershell and WMI

Phishing with Powershell,0:07:09

Phishing with Powershell, HTA and Metasploit

Lab Setup0:23:12

Lab Setup